PSExec for PowerShell

Today I ran into some issues calling PSExec.exe (http://technet.microsoft.com/en-us/sysinternals/bb897553 ) from PowerShell and realized that there is no native cmdlet to execute an application on a remote computer natively in PowerShell.  After spending some time associated with encoding (psexec.exe expects UTF8, however PowerShell is sending Unicode) I decided to create a PowerShell script that could accomplish many of the tasks that…

4

Validating a Certificate

Certificate validation is implemented differently based on the application validating the certificate, the type of identity being validated (i.e. validating a certificate from a web server will differ from validating a signed e-mail), and configuration of the Windows computer performing the validation.  In general, three main areas of a certificate are checked during validation: Does…

0

The PKI Revocation Infrastructure

One of the benefits of leveraging PKI is the ability to revoke a certificate.  PKI is a loosely coupled system that outsources trust to organizations in charge of asserting identities of otherwise unknown systems.  At times, these external entities may become compromised thus requiring revocation of their provided certificate.  Unfortunately, this feature also tends to…

4

Establishing the PKI Relationship

An important rule in PKI is that the private key can never leave the asset being certified without being protected (and it is best practice that the private key never leaves the asset if possible).  If the private key leaves the certified asset at any time without sufficient protection the key is subject to compromise thus…

0

PKI Certificates and the X.509 Standard

In my previous post in the PKI series we covered some history of asymmetric cryptography as well as some of the basic uses of PKI.  In this post, we will cover a bit more on how the cryptographic relationship in PKI works as well as how to request a new certificate.  All content in this post assumes that…

2

Basics and History of PKI

One of the most commonly used and misunderstood concepts of IT that I have encountered is the Public Key Infrastructure, also known as PKI.  PKI is one of the most effective methods of ensuring the confidentiality or integrity of data available today; however, an improper implementation of PKI can severely damage the availability of a…

0

RPC and Network Load Balancing Technologies

What is RPC? Many applications today use Remote Procedure Calls to link client and server communications over a network.  RPC allows client applications to easily perform function calls to local and network-connected server applications using native Windows APIs.  Among the benefits of using RPC are: Flexible communications as defined by an Interface Definition Language (IDL)…

0